How can we duplicate that to USB for us that have no CD nor DVD player such as on Netbook Acer D250 10" sized mini laptops?

Why can not a usb be made safe that way? Or a frugal on the hdd install?

Well you can't really as the media is rw (though I guess with some clever code it could be done as rw :? ). However, if you can boot from an SD card they have the little switch on the side to make them read only (aka ro) . I read somewhere on the forum that this works as far as booting puppy and running in RAM, though this was awhile ago. I'm feeling a bit lazy so sorry no link! :P

I have installed to SD card many times. Ironically, it turns out that the little "switch" on a SD card is not really a switch after all, but just a plastic tab which the reader senses. That means we are not going to be changing that switch without removing the card, which is not allowed when we have booted from it.

I have also tried USB flash which has a write-protect switch. (In my case, the "Clip Flash Drive" from imation.) Changing that write-protect switch in place is tough, but possible. After that, the next problem is a need to be hyper-aware of exposure in the write-enabled state. Whereas the optical drive file system can be limited to updating only when the user commands, the flash drive is always enabled and frequently written automatically. So if the user goes one step too far, that cannot be reversed, and recovering security means starting from scratch.

The advantage of the DVD is to load the current system (which involves traversing multiple directories finding the latest file, and somehow learning to ignore those which have since been erased) into RAM. After that, the DVD drive stops and there is no activity. The DVD is not used in operation (unless commanded, of course). So if the DVD drive suddenly starts up and blinks, we have a clear indication of a problem.

In contrast, the USB flash always runs and often blinks. A malware attack in that environment is just one momentary blink among many. There is no clear indication of trouble, and of course no way to recover either.

I promote Puppy Linux LiveDVD to people worried about online banking and get a lot of negative feedback. For one thing, many machines no longer have DVD capability, so there are continued requests for a secure flash approach. Having tried this myself in several ways and reasoned it out, I currently recommend using an external DVD writer instead. Nobody likes that, but it is the best I can do with the Puppy we have.

downloaded and burned. Booted right to desktop, changed timezone and set numlock, rebooted to desktop. Created 256MB ext3 savefile on vfat USB stick and rebooted to desktop. Setup up internet through desktop "connect" button and used regular Network Wizard. Setup up WPA connection through my wireless USB WUSB54G Linksys through to router, a WRT54G linksys.

Clicked on Browser icon, then attempted to download Firefox 4. Had the same initial result as tubeguy above (though I've had this occur before). Clicked Firefox again, download started. Checked gmail, watched some youtube - John Cleese on "How to Irritate People."

Sound icon x-ed out in tray, but self-rights even on initial boot after about one minute and thirty seconds.

Looking good. Thinking of making a 525 "spirit tree" out of all the burned CD's in this release run.... _________________"you fix what you can fix and you let the rest go.." - Cormac McCarthy - No Country For Old Men.

Did a totally fresh frugal install and set it up exactly as luci-257 which have worked many many times without the nosmp which 256 and the other needed before

but lupu525 went instantly into kernel panic so rebooted with power button the only way to get out of it and wrote nosmp on the kernel line and it booted. Tested only to look at picture and to play a mp4 file which it did. All looked normal.
What could be changed that made it go into panic when 257 never did go into panic. is it totally random then or what? _________________I use Google Search on Puppy Forum
not an ideal solution though

I have installed to SD card many times. Ironically, it turns out that the little "switch" on a SD card is not really a switch after all, but just a plastic tab which the reader senses. That means we are not going to be changing that switch without removing the card, which is not allowed when we have booted from it.

I have also tried USB flash which has a write-protect switch. (In my case, the "Clip Flash Drive" from imation.) Changing that write-protect switch in place is tough, but possible. After that, the next problem is a need to be hyper-aware of exposure in the write-enabled state. Whereas the optical drive file system can be limited to updating only when the user commands, the flash drive is always enabled and frequently written automatically. So if the user goes one step too far, that cannot be reversed, and recovering security means starting from scratch.

The advantage of the DVD is to load the current system (which involves traversing multiple directories finding the latest file, and somehow learning to ignore those which have since been erased) into RAM. After that, the DVD drive stops and there is no activity. The DVD is not used in operation (unless commanded, of course). So if the DVD drive suddenly starts up and blinks, we have a clear indication of a problem.

In contrast, the USB flash always runs and often blinks. A malware attack in that environment is just one momentary blink among many. There is no clear indication of trouble, and of course no way to recover either.

I promote Puppy Linux LiveDVD to people worried about online banking and get a lot of negative feedback. For one thing, many machines no longer have DVD capability, so there are continued requests for a secure flash approach. Having tried this myself in several ways and reasoned it out, I currently recommend using an external DVD writer instead. Nobody likes that, but it is the best I can do with the Puppy we have.

I am wondering if by using something like Gparted, you could recreate a SD Card into two partitions. Then you should be able to make one readonly be removing rights at the root.

Playdayz, just for fun, I did a fresh boot and setup with a hardwired connection between my eth1 (Realtek 8139) and my Linksys router. Setup firewall, then internet connection with the regular Network Wizard. Clicked on Browser, then Firefox 4, and the download began immediately. With wireless, I had the issue, with wired, no problem. Could it just be funkiness from the repository (ibiblio?) on the request for Firefox?
After setting up the hardwired connection, I pinged google with no problem, before clicking on the Browser setup icon. Might try the ping thing on a new wireless run through and see what happens, if you need that._________________"you fix what you can fix and you let the rest go.." - Cormac McCarthy - No Country For Old Men.Last edited by cowboy on Fri 01 Apr 2011, 17:22; edited 1 time in total

I am wondering if by using something like Gparted, you could recreate a SD Card into two partitions. Then you should be able to make one readonly be removing rights at the root.

just an idea

When we learn about the OS, we learn about the OS the way it was designed, which is not how it is when malware has control. After malware finds a way in, we cannot know what to trust about the subverted OS, if anything at all. The OS permissions are interpreted by code the malware can control or replace. That is what it means to be "owned."

We can trust hardware not to be subverted, and we do have flash drives with write-enable switches, but that is not enough either. We need a way to allow the user to control normal OS writes to the flash drive, just like writes to the DVD can be controlled. We need to be able to remove the flash as soon as the OS has booted.

I think we could get a significant security advantage from having a flash-drive file system organized like the DVD file system: We could plug in the flash, boot from it, THEN REMOVE IT. Alternately, we immediately do browser updates, save them, and THEN remove the flash (before doing anything hinky). And if we do end up with a bad driver or even suspicious files, we can remove the last "n" directories, just like on the DVD. That gets us back to a previously working system. Easy enough to say, but work to do.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forumYou cannot attach files in this forumYou can download files in this forum